<?
@session_start();
if($_SESSION["ids"] != "" && $_SESSION["usernames"] != ""){
	echo "<script>location.href='index.php';</script>";
}
?>

<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Purchase System</title>
<style type="text/css">
<!--
body {
	background-color: #d9d5d2;
}
-->
</style>
<script type="text/javascript" src="scripts/jquery-1.4.4.min.js"></script>	
<script type="text/javascript">
$().ready(function() {
	$("#username").focus();
});
</script>
<link href="shet-admin.css" rel="stylesheet" type="text/css" />

</head>

<body leftmargin="0" rightmargin="0" topmargin="0">

<?
require_once("conn.php");
	

	if($_POST["login2"] != ""){

		$user = $_POST["username"];
		$pass = $_POST["password"];

		if($user != "" && $pass != ""){
			$sql = "select a.id as id,username,groups from member as a join pch_user_access as b on a.id=b.user_id WHERE username='$user' AND password=md5('$pass');";
			
			$query = mysql_query($sql);
			$result = mysql_fetch_assoc($query);
			if(mysql_num_rows($query) > 0){
				$_SESSION["ids"] = $result["id"];
				$_SESSION["groups"] = $result["groups"];
				$_SESSION["usernames"] = $result["username"];
				$_SESSION["language"] = "TH";
				echo "<script>location.href='index.php';</script>";
				//echo $_SESSION["ids"]."<:>".$_SESSION["usernames"];
			}else{
				echo "<script>alert(\"Login Error\");location.href=\"login.php\";</script>";
			}
		}

	}else{
?>
<table width="1124" border="0" align="center" cellpadding="0" cellspacing="0">
  <tr>
    <td><table width="1124" height="590" border="0" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF">
      <tr>
        <td height="100" align="left" valign="top"><img src="images/head.jpg" width="1124" height="110"></td>
      </tr>
      <tr>
        <td height="390" align="left" valign="top"><table width="1124" border="0" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF">
          <tr>
            <td width="312" height="48">&nbsp;</td>
            <td width="500">&nbsp;</td>
            <td height="48">&nbsp;</td>
          </tr>
          <tr>
            <td width="312">&nbsp;</td>
            <td align="left" valign="top" bgcolor="#FFFFFF">
            <div><form id="login" name="login" method="post" action="login.php?rand=<?=rand();?>"> 
              <table width="500" border="0" cellspacing="0" cellpadding="0">
                <tr>
                  <td width="118" rowspan="2" align="center" valign="middle"><img src="images/login1.gif" width="118" height="110" /></td>
                  <td width="382" height="24" align="left" valign="middle" class="style_copy6"><strong>Login</strong></td>
                </tr>
                <tr>
                  <td height="200" align="left" valign="top" background="images/bg-login.gif"><table width="382" border="0" cellspacing="0" cellpadding="0">
                    <tr>
                      <td>&nbsp;</td>
                      <td>&nbsp;</td>
                      <td>&nbsp;</td>
                    </tr>
                    <tr>
                      <td width="29">&nbsp;</td>
                      <td width="254">&nbsp;</td>
                      <td width="99">&nbsp;</td>
                    </tr>
                    <tr>
                      <td>&nbsp;</td>
                      <td align="left" class="style_balnk2">Username :</td>
                      <td>&nbsp;</td>
                    </tr>
                    <tr>
                      <td>&nbsp;</td>
                      <td align="left"><label>
                        <input name="username" type="text" id="username"  size="20" />
                      </label></td>
                      <td>&nbsp;</td>
                    </tr>
                    <tr>
                      <td>&nbsp;</td>
                      <td align="left" class="style_balnk2">Password :</td>
                      <td>&nbsp;</td>
                    </tr>
                    <tr>
                      <td>&nbsp;</td>
                      <td align="left"><label>
                        <input name="password" type="password"  size="22" />
                      </label></td>
                      <td>&nbsp;</td>
                    </tr>
                    <tr>
                      <td height="37">&nbsp;</td>
                      <td align="left" valign="middle"><label>
                   
                        <input type="submit" name="login2" id="login2" value="Login" />
                         
                      </label></td>
                      <td>&nbsp;</td>
                    </tr>
                    <tr>
                      <td>&nbsp;</td>
                      <td align="left">&nbsp;</td>
                      <td>&nbsp;</td>
                    </tr>
                  </table></td>
                </tr>
              </table>
            </form></div>            </td>
            <td width="312">&nbsp;</td>
          </tr>
          <tr>
            <td width="312" height="126">&nbsp;</td>
            <td>&nbsp;</td>
            <td>&nbsp;</td>
          </tr>
          <tr>
            <td height="10" colspan="3"><img src="images/line-head.gif" width="1124" height="1"></td>
            </tr>
        </table></td>
      </tr>
      <tr>
        <td height="100" align="center" valign="middle" class="style_balnk2"><p class="style_balnk">Ban Raya Resort &amp; Spa : 7/26 M.3 T.Rassada A.Muang Phuket 83000   Thailand<br />
          Tel: +66-76-22-4439 Fax: +66-76-35-4682 Mobile: +66-835912095<br />
          Email:   banraya_reservation@hotmail.com Website: www.banraya.com</p>
          </td>
      </tr>
    </table></td>
  </tr>
</table>
<?
	}
?>
</body>
</html>
